<?php
define('IN_PHP', true);
include('util.php');
include('functions.php');
session_start();
xmysql_connect();
$user = get_user();

if($_POST['action'] == 'change_email') {
	
	/*get user's current email address*/
	$emailquery = "select email from users where user='$user'";
	$user_email2 = mysql_fetch_array(mysql_query($emailquery), MYSQL_ASSOC);
	$user_email2 = $user_email2['email'];
	//ignore my horrible variable names
	$user_email = make_safe($_POST['email']); //new email entered by user
	$changeemail = "update users set email='$user_email' where user='$user'"; 
	if($user_email != $user_email2){mysql_query($changeemail);} //change ONLY IF different
	header('Location: account.php'); //redirect back to the account page
	
	
} else if($_POST['action'] == 'delete_account'){
	$deleteaccount = "delete from users where user='$user'";
	if (!mysql_query($deleteaccount))
	  {
	  die('Error: ' . mysql_error());
	  }
	  header('Location: index.php');
}
//Ax.
?>
